asyncrat | 132acdd518240ece3cb4da78c47bc7fc5ed8d55420084104cbc91e6022bdb833 | Triage

Sharing

General

Target

132acdd518240ece3cb4da78c47bc7fc5ed8d55420084104cbc91e6022bdb833
Size

423KB
Sample

231012-pjn75ahh6s
MD5

8be3ed1a25c8897814fb4406f67e20ab
SHA1

6764afeaacf798cf028e299c899f517dab288315
SHA256

132acdd518240ece3cb4da78c47bc7fc5ed8d55420084104cbc91e6022bdb833
SHA512

7a3c0f5ae1717e7d205ea7c1cd32f1c5404e66860172ebf2bab9d01d4eb033b0afd6b6093d3d264f2d428ccadeaf2b1bc6d811aea82c351f07559ea993ba41a5
SSDEEP

6144:6JMjlxapsNjrd+JWHVJfgPyOH+8tmZWeCC55Dmfm/zRU:6mksNjrd+JWHVJftOH+8tmD+6RU

Score

10^/10

asyncrat default discovery rat

Malware Config

Extracted

Family

asyncrat

Botnet

Default

C2

62.234.33.152:3502

Mutex

nxmvjnsswgvrmfc

Attributes

delay
1
install
false
install_folder
%AppData%

aes.plain

Targets

- Target
  
  132acdd518240ece3cb4da78c47bc7fc5ed8d55420084104cbc91e6022bdb833
- Size
  
  423KB
- MD5
  
  8be3ed1a25c8897814fb4406f67e20ab
- SHA1
  
  6764afeaacf798cf028e299c899f517dab288315
- SHA256
  
  132acdd518240ece3cb4da78c47bc7fc5ed8d55420084104cbc91e6022bdb833
- SHA512
  
  7a3c0f5ae1717e7d205ea7c1cd32f1c5404e66860172ebf2bab9d01d4eb033b0afd6b6093d3d264f2d428ccadeaf2b1bc6d811aea82c351f07559ea993ba41a5
- SSDEEP
  
  6144:6JMjlxapsNjrd+JWHVJfgPyOH+8tmZWeCC55Dmfm/zRU:6mksNjrd+JWHVJftOH+8tmD+6RU
Score

10^/10

asyncrat default discovery rat
- AsyncRat
  AsyncRAT is designed to remotely monitor and control other computers written in C#.
  rat asyncrat
- Async RAT payload
  rat
- Checks installed software on the system
  Looks up Uninstall key entries in the registry to enumerate software on the system.
  discovery
behavioral1 behavioral2

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Credential Access

Discovery

Query Registry

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

asyncratdefaultdiscoveryrat

behavioral2

asyncratdefaultrat